darahbiru's repositories
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
akabe1-semgrep-rules
My collection of Semgrep rules for vulnerability detection on source code (swift, java)
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
ARTful
The ARTful library for dynamically modifying the Android Runtime
BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
blutter
Flutter Mobile Application Reverse Engineering Tool
Docker-OSX
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
frida-ios-hook
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
fridump
A universal memory dumper using Frida
ghidra-frida-hook-gen
Frida hook generator for Ghidra
grapefruit
(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
iOS_Reverse_Engineering
The iOS IPA file Reverse Engineering reference
Katalina
Katalina is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android bytecode one instruction at a time.
KUNAI-static-analyzer
Tool aimed to provide a binary analysis of different file formats through the use of an Intermmediate Representation.
Loki
Loki - Simple IOC and YARA Scanner
OSX-KVM
Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
radare2
UNIX-like reverse engineering framework and command-line toolset
RMS-Runtime-Mobile-Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
SqliSniper
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Telerecon
A reconnaissance framework for researching and investigating Telegram.
uber-apk-signer
A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
usbmuxd
A socket daemon to multiplex connections from and to iOS devices
zsh-autosuggestions
Fish-like autosuggestions for zsh